package pfx;

import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.PKCS8EncodedKeySpec;

import org.apache.commons.codec.binary.Base64;
import org.apache.commons.io.FileUtils;

import sun.misc.BASE64Encoder;

public class Get_pfx {

	/**
	 * 获取 pfx 通过私钥 和 证书
	 * 1. 获取 私钥，
	 * 2. 获取证书，
	 * 3. 使用keystore.load
	 * 4. keystore .setEntry
	 * 
	 * 
	 * @param args
	 * @throws Exception 
	 */
	public static void main(String[] args) throws Exception {
		
		String x509Cert = "C:\\Users\\Administrator\\Desktop\\ttt\\bankside1.cer";
		String password = "123456";
		String privateKey = "MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAIApSXeqcT3pKCBDKGpKqf+ByvrSdwMzDnmUb+6eVsms/GpbIhCHrGr+/fPRuq/COZuEsiNmkjusEeNgJCEoga/AzQ3xDklx6VZ7UDMfOVtK4KRsWHSMfYCtcXm2btppxcM6dOFwimtt1vPptgYfxsbdmtrxJw0ziccj0jAV4wpPAgMBAAECgYAHh+WMRZSv6aJ0+t1GGasRm4Pc5z8dDgP8uu8021MIOMUATuiahg5onyE3EYzhxQzziYGaOO3A2eSXMtAMrr+oCdwN7gqwjShgGkB/2cDvDnJ0wFHntvCYXjp13QEFJ8CO5fkYWLVxFtJ6VrdLUktUvhR+Fw4JLuTho/11lYdhGQJBAMFdi3RD2XEyoAoH4mkZ5siPfyW6gu5qkBBroAb3WJaAYxL0bwRmFYI+Q5YAmjYZwJlnm8AC3bMJREpFslP0NOUCQQCprNCXNQal6XuzyQGngy6eAOVGLKp/inGWyRW/wuFu6TJAGTAonbwTpNfeEfQ3aOJGgt/DHWOfvdVJ9BbraqMjAkEArX/2BRhsHrnCB74TVSK8hPDcsUms+af8I/+t0xJVFpWUUAmrI1NFsVuU4R8hP7HTstHYWm0359FEyS/IVrQkUQJAXaWG3t2iVLHf12OKaTTq5sPhxvBiDdCQTsOfIF5j474LQPtl7BTauBDUH7nTCz31HSugamTvFjxE2vNALyCE9wJAEE6G0W9IZDm6w+5nbiZ2mAhd0VBfMI2apa09/yMQGcqt2974bw/42chPoO9Vcwua+x3LsQ1stxl3+6jADQp7Fw==";
		PrivateKey rsaPrivateKey = null;
		String pfx_path = "C:\\Users\\Administrator\\Desktop\\ttt\\bankside092502.pfx";
		
		//  私钥
		byte[] byte_privateKey = Base64.decodeBase64(privateKey);
		PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(byte_privateKey);
		KeyFactory keyFactory = KeyFactory.getInstance("RSA");
		rsaPrivateKey = keyFactory.generatePrivate(keySpec);
		
		// 证书
		CertificateFactory cf = CertificateFactory.getInstance("X.509");
		X509Certificate x509Certificate =  (X509Certificate) cf.generateCertificate(new FileInputStream(x509Cert));
		
		
		// pk12
		get_pfx(rsaPrivateKey, x509Certificate, password, pfx_path);
		
	}

	public static void get_pfx(PrivateKey privateKey,X509Certificate x509Certificate,String password,String pfx_path) throws Exception{
		
		X509Certificate[] chain = { x509Certificate }; 
		
		KeyStore keyStore = KeyStore.getInstance("PKCS12");
		keyStore.load(null, password.toCharArray());
		keyStore.setKeyEntry(x509Certificate.getSerialNumber().toString(), privateKey, password.toCharArray(),chain);
		ByteArrayOutputStream baos = new ByteArrayOutputStream();
		keyStore.store(baos, password.toCharArray());
		
		byte[] byte_pk12 = baos.toByteArray();
		
		File file = new File(pfx_path);
		file.createNewFile();
		
		FileUtils.writeByteArrayToFile(file, byte_pk12);

	}
}





















